Securing SQL Server
While customers await Yukon, however, SQL Server itself has been getting more secure, Rizzo said. Microsoft has been spending extra money on security, as executives acknowledged during the companys second-quarter financial conference call, with much of the funds getting pumped into educating developers and customers. One security-related educational venture has been the recent launch of the new Security Guidance Center on Microsofts TechNet site. Launched about two weeks ago, the Center is a portal for all things security-related that might concern SQL Server customers. Security-related funds are also going to other initiatives, including Webcasts, written articles and other educational ventures for outside partners and customers, Rizzo said. Rizzo also pointed to Microsofts automated Baseline Security Analyzer tool as proof that the company is helping customers to secure SQL Server. Released some two years ago, this free tool seeks out unpatched Windows systems and applications on networks, then tells users what they need and where to find patches. Finally, the company is aiming to come out with a SQL Server-specific update feature similar to its current Windows Update, which notifies users when patches or drivers are available, though a release date has yet to be determined.To find out how patch mismanagement fueled Slammer, click here. Next page: More people, more strategy around adding features.
Customers are clamoring for such a feature in hopes that it could protect them from catastrophes such as that wrought by Slammer. Slammer, a SQL Server worm that brought down the Internet some 13 months ago, preyed on machines that lacked a patch that had been available for some time. As a result, many small to medium-sized businesses with small and/or overworked IT staffs voiced need for some help with patch management.